Please fill out a form below and our sales representative will contact you within 24 hours.

First name*

Last name*

Work email*

Direct phone number*

Country: United States

How can we help?

Required fields*

Job title*

Company*

How many employees do you have?*

Purchase time frame*

Thank you for your interest in RingCentral

A solutions specialist will contact you within 24 hours.

If you'd like to speak with someone now, please call 1-877-857-9210.

Legal

Security Overview

RingCentral recognizes that secure and reliable phone service is critical to business operations. As a cloud service provider, RingCentral offers robust multi-tenant cloud communications service with several layers of security built in. This paper explains the security model for RingCentral’s cloud services.

Overview

The security of RingCentral’s cloud services encompasses multiple layers and many components, from policies and methodologies to service architecture; capability to detect potential toll fraud and service abuse, and user controlled service administration. Security capabilities and settings reside in the application and infrastructure layers, within the service delivery and operations processes, and the company’s security policies and governance practices.

The security of customer PBX services is shared among customers, who manage their PBX policies, user permissions, and login information, and RingCentral, who manages service delivery, architects and designs security into the product, and ensures physical and environmental security of the service. We employ a multi-layered security model, with security at the perimeter, at the service delivery layer, SSL on our web applications, tier 1 data centers, and settings in the interface that a customer controls.

In addition, RingCentral has a full-time security and fraud-prevention department with a security program that is based on industry best practices; our security program also includes communications fraud monitoring where we monitor customers’ service for anomalous calling that may be toll fraud.

User Service Administration

RingCentral’s cloud services include front-end settings that customers control to manage their PBX policies and their users.

Application Security

Transmission Security

RingCentral utilizes SSLv3/TLSv1 to encrypt web session traffic.

Network and Infrastructure Security

RingCentral’s network and application perimeter is protected with firewalls and session border controllers. Administrative access requires authenticating through a production VPN gateway, then authenticating to local infrastructure systems. Only authorized personnel are given access to the production environment. Technology layers include intrusion-detection systems, system logs, and fraud analytics. Operational processes include system and service-level monitoring, system hardening, change management, and regular vulnerability scans.

The geographic diversity of our locations acts as an additional safeguard, minimizing our risk of loss and service interruption due to natural disasters and other catastrophic situations.

Fraud Mitigation

The RingCentral service includes multiple layers to prevent and detect toll fraud, including access control, detection controls, usage throttling, and customer-controlled settings to enable/disable international calling to approved destinations. In addition, RingCentral’s security department performs active monitoring to detect and notify customers of anomalous calling patterns on their account.

Disaster Recovery

The RingCentral service is architected to support failover conditions in case of emergency. Our service is built with geographically distributed redundancy. Primary and backup locations remain online simultaneously, with a primary pod in active mode, and the secondary pod in standby mode. Database replication between locations is in real time, with failover being built into the service. If a primary location is unavailable, the backup location will continue service. In addition to infrastructure and application redundancy, we also have geographically distributed operations such that service operations can also continue if one location is not available.

Checklist for Protecting Your RingCentral Service

Strong PIN

Disable calling card feature if not needed.

Disable international calling if not needed.

If you use international calling, restrict call destinations to those needed for your company business.